Korean

<< Back VID 23177 Severity 40 Port 41524 Protocol UDP Class Daemon Detailed Description The BrightStor Backup Discovery Service, according to its version, is vulnerable to a buffer overflow vulnerability. BrightStor ARCserve Backup is an enterprise class backup program and its Discovery Service listens for broadcast packets from other BrightStor servers on the local network to learn about their existence. Multiple Computer Associates (CA) BrightStor ARCserve Backup products could allow a remote attacker to execute arbitrary code, caused by a buffer overflow in the Discovery Service. By sending a specially-crafted packet to the Discovery Service on the affected system, a remote attacker could execute arbitrary code on the system with SYSTEM privileges. * References: http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp http://www.securityfocus.com/archive/1/archive/1/453916/100/0/threaded http://www.frsirt.com/english/advisories/2006/4910 http://www.iss.net/threats/242a.html * Platforms Affected: Computer Associates, BrightStor ARCserve Backup r11.1 Computer Associates, BrightStor ARCserve Backup r11.5 SP1 and earlier Computer Associates, BrightStor ARCserve Backup v9.01 Computer Associates, CA Business Protection Suite r2 Computer Associates, CA Business Protection Suite for MS Premium Edition r2 Computer Associates, CA Business Protection Suite for MS Standard Edition r2 Computer Associates, CA Server Protection Suite r2 Computer Associates, BrightStor ARCserve Backup for Windows r11 Computer Associates, BrightStor Enterprise Backup r10.5 Microsoft Windows Any version Recommendation Either apply the appropriate fix for your system (QO81201, QO84609, QI82917, QO84611, or QO84610) or upgrade to BrightStor ARCserve Backup r11.5 SP2 or later, available from the CA SupportConnect Web site at http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp Related URL CVE-2006-6379 (CVE) Related URL 21502 (SecurityFocus) Related URL 30791 (ISS)